Subject: Re: compat_hpux, systrace
To: Andrew Doran <email@example.com>
From: Perry E. Metzger <firstname.lastname@example.org>
Date: 12/25/2007 12:13:55
Andrew Doran <email@example.com> writes:
> Unless there is a compelling reason not to, I'm going to remove these two
> misfeatures because they impose an unjustified maintenence burden on the
> kernel developers.
> systrace can be circuvented easily, and if it breaks, it's usually months
> before anyone notices. compat_hpux is highly unlikely to be of use.
The implementation of systrace is broken, but the functionality it in
theory provides is of tremendous value -- being able to constrain the
behavior of programs provides a very big tool for securing software.
I would suggest that it would be important to think of a way to
re-implement the functionality in such a way that it worked correctly.
Perry E. Metzger firstname.lastname@example.org